Vulnerability in Oracle Fusion Middleware Outside In Technology
CVE-2021-35658

7.5HIGH

Key Information:

Vendor: Oracle
Status: Outside In Technology
Vendor: CVE Published:; 20 October 2021

Summary

This vulnerability in the Oracle Outside In Technology, part of Oracle Fusion Middleware, allows an unauthenticated attacker with network access to potentially exploit the system via HTTP. By sending specially crafted requests, an attacker can trigger a denial of service, resulting in Oracle Outside In Technology hanging or crashing repeatedly. The affected version, 8.5.5, is particularly vulnerable if it processes network-received data. Systems utilizing Outside In Technology should be assessed for exposure and patched promptly to mitigate this risk.

Affected Version(s)

Outside In Technology 8.5.5

References

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2021
Vulnerability Reserved
Jun 28, 2021